{"563531":{"#nid":"563531","#data":{"type":"event","title":"Cybersecurity Lecture Series - Sept. 23","body":[{"value":"\u003Ch4\u003EMeet academic and industry leaders for intimate discussions about new cyber threats, trends and technologies.\u003Cem\u003E \u003Cbr \/\u003E\u003C\/em\u003E\u003C\/h4\u003E\u003Cp\u003EThe weekly \u003Cstrong\u003ECybersecurity Lecture Series\u003C\/strong\u003E is a free, open-to-the-public lecture from a thought leader who is advancing the field of information security and privacy. Invited speakers include executives and researchers from private companies, government agencies, start-up incubators as well as Georgia Tech faculty and students presenting their research.\u003C\/p\u003E\u003Cp\u003EHeld \u003Cstrong\u003Eweekly each Friday at Noon\u003C\/strong\u003E \u003Cstrong\u003Ethrough Dec. 2\u003C\/strong\u003E, lectures are open to all -- students, faculty, industry, government, or simply the curious. Students may register for credit under seminar course CS-8001-INF.\u003C\/p\u003E\u003Cp\u003E\u003Cem\u003E\u003Ca href=\u0022http:\/\/www.iisp.gatech.edu\/register-cybersecurity-lecture-series-sept-23\u0022 target=\u0022_blank\u0022\u003EComplimentary lunch provided for registered guests\u003C\/a\u003E. Please bring your own beverage.\u003C\/em\u003E\u003C\/p\u003E\u003Cp\u003E\u003Cem\u003E\u003Ca href=\u0022http:\/\/www.iisp.gatech.edu\/cyber-lecture\u0022 target=\u0022_blank\u0022\u003ESign up to receive future lecture announcements.\u003C\/a\u003E\u003Cbr \/\u003E\u003C\/em\u003E\u003C\/p\u003E\u003Ch4\u003E\u003Cem\u003E\u0026nbsp;\u003Cbr \/\u003E\u003C\/em\u003E\u003C\/h4\u003E\u003Ch4\u003EFeaturing Yeongjin Jang on Sept. 23\u003Cem\u003E\u003Cbr \/\u003E\u003C\/em\u003E\u003C\/h4\u003E\u003Ch5\u003E\u0022Breaking Kernel Address Space Layout Randomization (KASLR) with Intel TSX\u0022\u003C\/h5\u003E\u003Cp\u003EKernel hardening has been an important topic, as many applications and security mechanisms often consider the kernel their Trusted Computing Base (TCB). Among various hardening techniques, kernel address space layout randomization (KASLR) is the most effective and widely adopted technique that can practically mitigate various memory corruption vulnerabilities, such as buffer overflow and use-after-free. In principle, KASLR is secure as long as no memory disclosure vulnerability exists and high randomness is ensured. In this talk, we present a novel timing side-channel attack against KASLR, called DrK (De-randomizing Kernel address space), which can accurately, silently, and rapidly de-randomize the kernel memory layout by identifying page properties: unmapped, executable, or non-executable pages. DrK is based on a new hardware feature, Intel Transactional Synchronization Extension (TSX), which allows us to execute a transaction without interrupting the underlying operating system even when the transaction is aborted due to errors, such as access violation and page faults. In DrK, we turned this property into a timing channel that can accurately distinguish the mapping status (i.e., mapped versus unmapped) and execution status (i.e., executable versus non-executable) of the privileged address space. In addition to its surprising accuracy and precision, the DrK attack is not only universally applicable to all OSes, even under a virtualized environment, but also has no visible footprint, making it nearly impossible to be detected in practice. We demonstrate that DrK breaks the KASLR of all major OSes, including Windows, Linux, and OS X with near-perfect accuracy in a few seconds. Finally, we propose potential hardware modifications that can prevent or mitigate the DrK attack..\u003C\/p\u003E\u003Cp\u003E\u003Cstrong\u003EBIO\u003C\/strong\u003E\u003C\/p\u003E\u003Cp\u003E\u003Cstrong\u003EYeongjin Jang \u003C\/strong\u003Eis a Ph.D. student in the School of Computer Science at the Georgia Institute of Technology. His research is centered around operating system and mobile security. He especially focuses on finding ways of how a system can fail, then devising countermeasures to make the system more secure. In addition to academic research, he participates in various capture-the-flags (CTF) challenges, including DEF CON CTF, the DARPA Cyber Grand Challenge and more. He is a winner of the black badge from DEF CON 23 CTF.\u003C\/p\u003E","summary":null,"format":"limited_html"}],"field_subtitle":"","field_summary":[{"value":"\u003Cp\u003EYeongjin Jang, a PhD student from the School of Computer Science, delivers a presentation he gave at BlackHat 2016 about kernel security.\u003C\/p\u003E","format":"limited_html"}],"field_summary_sentence":[{"value":"Meet students, academic and industry leaders for intimate discussions about new cyber threats, trends and technologies."}],"uid":"27490","created_gmt":"2016-08-16 14:17:30","changed_gmt":"2017-04-13 21:15:06","author":"Tara La Bouff","boilerplate_text":"","field_publication":"","field_article_url":"","field_event_time":{"event_time_start":"2016-09-23T13:00:00-04:00","event_time_end":"2016-09-23T14:00:00-04:00","event_time_end_last":"2016-09-23T14:00:00-04:00","gmt_time_start":"2016-09-23 17:00:00","gmt_time_end":"2016-09-23 18:00:00","gmt_time_end_last":"2016-09-23 18:00:00","rrule":null,"timezone":"America\/New_York"},"extras":[],"hg_media":{"538461":{"id":"538461","type":"image","title":"Cybersecurity Lecture Series","body":null,"created":"1464703200","gmt_created":"2016-05-31 14:00:00","changed":"1475895326","gmt_changed":"2016-10-08 02:55:26","alt":"Cybersecurity Lecture Series","file":{"fid":"89506","name":"cls_email_header.jpg","image_path":"\/sites\/default\/files\/images\/cls_email_header.jpg","image_full_path":"http:\/\/www.tlwarc.hg.gatech.edu\/\/sites\/default\/files\/images\/cls_email_header.jpg","mime":"image\/jpeg","size":461835,"path_740":"http:\/\/www.tlwarc.hg.gatech.edu\/sites\/default\/files\/styles\/740xx_scale\/public\/images\/cls_email_header.jpg?itok=NPA_x_rn"}},"451391":{"id":"451391","type":"image","title":"IISP logo","body":null,"created":"1449256280","gmt_created":"2015-12-04 19:11:20","changed":"1475895192","gmt_changed":"2016-10-08 02:53:12","alt":"IISP logo","file":{"fid":"203339","name":"instituteforinformationsecurityprivacy-outline-black874.jpg","image_path":"\/sites\/default\/files\/images\/instituteforinformationsecurityprivacy-outline-black874_0.jpg","image_full_path":"http:\/\/www.tlwarc.hg.gatech.edu\/\/sites\/default\/files\/images\/instituteforinformationsecurityprivacy-outline-black874_0.jpg","mime":"image\/jpeg","size":88082,"path_740":"http:\/\/www.tlwarc.hg.gatech.edu\/sites\/default\/files\/styles\/740xx_scale\/public\/images\/instituteforinformationsecurityprivacy-outline-black874_0.jpg?itok=JGV2BzFy"}}},"media_ids":["538461","451391"],"groups":[{"id":"47223","name":"College of Computing"},{"id":"50875","name":"School of Computer Science"},{"id":"50876","name":"School of Interactive Computing"},{"id":"50877","name":"School of Computational Science and Engineering"},{"id":"322011","name":"College of Computing Events"},{"id":"430601","name":"Institute for Information Security and Privacy"}],"categories":[],"keywords":[{"id":"1404","name":"Cybersecurity"},{"id":"168735","name":"kernel attacks"}],"core_research_areas":[],"news_room_topics":[],"event_categories":[{"id":"1795","name":"Seminar\/Lecture\/Colloquium"}],"invited_audience":[{"id":"78751","name":"Undergraduate students"},{"id":"78761","name":"Faculty\/Staff"},{"id":"78771","name":"Public"},{"id":"174045","name":"Graduate students"}],"affiliations":[],"classification":[],"areas_of_expertise":[],"news_and_recent_appearances":[],"phone":[],"contact":[{"value":"\u003Cp\u003ETara La Bouff, \u003Ca href=\u0022mailto:tara.labouff@iisp.gatech.edu\u0022\u003Etara.labouff@iisp.gatech.edu\u003C\/a\u003E, 404.769.5408\u003C\/p\u003E","format":"limited_html"}],"email":[],"slides":[],"orientation":[],"userdata":""}}}